cvedb.io
CVE-2026-1849
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2026-02-10T19:15:51.477 · Last modified 2026-06-17T10:16:36.707

Summary

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression.

Affected products

mongodb — mongodb

Does this affect you?

Add your gear to cvedb and we'll alert you only when mongodb ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.